Economic Development Administration Goes ‘Rambo’ on Itself

There exists in the Department of Commerce an irrelevant Great Society relic called the Economic Development Administration. With a relatively small budget of around $400 million, the EDA acts as a slush fund for Congress to shovel subsidies to their districts for projects that should be funded locally or privately.

Around the same time that the EDA came under attack from Rep. Pompeo, the agency believed that it had also suffered a cyber attack on its IT infrastructure. National Review Online’sKevin Williamson has the story, which has to be one of the all-time greatest examples of bureaucratic ineptitude:

The trouble began in December 2011, when the Department of Homeland Security alerted Commerce that it had discovered a possible malware infection in the department, specifically within the network located within the Hoover Building. The EDA’s immediate reaction — based on absolutely nothing — was: cyberwar! According to the [Dept. of Commerce inspector general] audit, the main concern among the EDA’s top brass was that the agency was under attack by a nation-state actor. There was no evidence to support that fear, and a good deal of evidence to the contrary, but the EDA basically went to whatever is the Commerce Department’s version of DEFCON 1.

As Kevin deftly wise-cracks, “If the Chi-Coms wanted to hurt the U.S. economy, they wouldn’t attack EDA; they’d hire a lobbyist to increase its funding.” But, after all, we’re talking about an agency that has an amazingly inflated sense of self-worth. And so the EDA decided that it wasn’t taking any chances – the agency’s entire IT infrastructure had to go:

Rather than acknowledge the fact that the malware was almost certainly the result of somebody’s clicking on a link to an infected funny-cat video on a department computer, EDA proceeded as though it were facing the tip of the spear in a cyberwar attack by a foreign power. First it cut its computers off from the rest of the network in an effort to keep the malware from spreading, a defensible decision if one that was overcautious in light of the evidence, which pointed to nothing more than a common infection. What happened next, though, demonstrated fascinating ineptitude: Rather than simply identifying the infected computers and fixing them, the agency set about physically destroying its IT hardware — not just computers, but keyboards, printers, digital cameras, and other equipment entirely unrelated to the problem.

This being the federal government, contractors made a killing: EDA spent a mere $4,300 on the process of physically destroying $170,500 worth of computers and equipment, but spent another $1.4 million on advice from contractors, and another $1 million on temporary computers to use while it was destroying the ones it already had.

The only thing that stopped EDA from destroying its entire IT infrastructure was that it ran out of money to fund the demolition.

As the inspector general put it, there was “no evidence of a widespread malware infection,” while Commerce “propagated inaccurate information” and “did not follow the department’s incident-response procedures,” and the man in charge “did not have the requisite experience or qualifications.” The head of the EDA is one Matt Erskine, a Democratic time-server and campaign donor, veteran of the Warner administration in Virginia, and, hilariously enough, formerly “a principal in the Advanced Technology-Telecom and Professional Services practices of the management consulting firm Korn-Ferry International.”

Were it not for the wasted tax dollars and the fact that this bumbling agency will continue to exist thanks to both Republicans and Democrats, the entire episode would be downright hilarious. Attempting to stop a cyber attack by destroying keyboards and digital cameras?! That must have been a sight to behold. For me, it brings to mind this scene from the end of the second Rambo movie: